SSLException "Could not generate DH keypair" when calling Paypal Sandbox

286 views Asked by At

I am using merchantsdk-2.13.117 (latest version). When executing following code, I receive an SSLException:

PayPalAPIInterfaceServiceService service = new PayPalAPIInterfaceServiceService(sdkConfig);
SetExpressCheckoutResponseType setExpressCheckoutResponse = service.setExpressCheckout(setExpressCheckoutReq);

Paypal plans to change their SSL communication. As far as I understand, in the future, only "SSL certification VeriSign G5" will be supported. For that reason they implemented this change to their sandbox. Since that change I receive the above mentioned exception (before it worked correctly).

What exactly do I have to change now:

  • switch Java version (using Java 7)
  • change some parameters in sdkConfig (see code above), which is a map containing following parameters: acct1.Signature, acct1.Password, acct1.UserName, acct1.AppId, mode
  • Perform some changes on the server (using Tomcat)
  • somthing else?

Here, a part of the console output:

javax.net.ssl.SSLException: java.lang.RuntimeException: Could not generate DH keypair at sun.security.ssl.Alerts.getSSLException(Alerts.java:208) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1842) at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1825) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1346) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323) at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1300) at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:468) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:338) at com.paypal.core.HttpConnection.execute(HttpConnection.java:109) at com.paypal.core.APIService.makeRequestUsing(APIService.java:177) at com.paypal.core.BaseService.call(BaseService.java:265) at urn.ebay.api.PayPalAPI.PayPalAPIInterfaceServiceService.setExpressCheckout(PayPalAPIInterfaceServiceService.java:2196) at urn.ebay.api.PayPalAPI.PayPalAPIInterfaceServiceService.setExpressCheckout(PayPalAPIInterfaceServiceService.java:2148)

1

There are 1 answers

0
Ped Devew On

I have found a solution to this problem:

In my project, an old version of Bouncy Castle was included as external library:

<dependency>
    <groupId>bouncycastle</groupId>
    <artifactId>bcprov-jdk14</artifactId>
    <version>138</version>
</dependency>

Somehow this leads to problems in using SSL communication. After removing the library completely from my project, the SSL communication with Paypal worked again (with Java 6, 7 and 8).